
CompTIA CySA+ 2023 Questions and Answers - Part 8

Mary Mary Smith
03 Mar 2023
2 min

1. After a recent security breach, it was discovered that a developer had promoted code that had been written to the production environment as a hotfix to resolve a user navigation issue that was causing issues for several customers. The code had inadvertently granted administrative privileges to all users, allowing inappropriate access to sensitive data and reports. Which of the following could have prevented this code from being released into the production environment?

A) Automated reporting
B) Cross training
C) Separation of duties
D) Succession planning



2. A cybersecurity analyst has several log files to review. Instead of using grep and cat commands, the analyst decides to find a better approach to analyze the logs. Given a list of tools, which of the following would provide a more efficient way for the analyst to conduct a timeline analysis, do keyword searches, and output a report?

A) Kali
B) Splunk
C) OSSIM
D) Syslog



3. A security analyst has noticed that a particular server has consumed over 1TB of bandwidth over the course of the month. It has port 3333 open; however, there have not been any alerts or notices regarding the server or its activities. Which of the following did the analyst discover?

A) Zero day
B) False positive
C) APT
D) DDoS



4. A Chief Information Security Officer (CISO) wants to standardize the company's security program so it can be objectively assessed as part of an upcoming audit requested by management. Which of the following would holistically assist in this effort?

A) NIST
B) AUP
C) ITIL
D) Scrum
E) Nessus


5. A production web server is experiencing performance issues. Upon investigation, new unauthorized applications have been installed and suspicious traffic was sent through an unused port. Endpoint security is not detecting any malware or virus. Which of the following types of threats would this MOST likely be classified as?

A) Zero day
B) Advanced persistent threat
C) Buffer overflow vulnerability
D) Botnet



1. Right Answer: C
Explanation:

2. Right Answer: B
Explanation:

3. Right Answer: A
Explanation:

4. Right Answer: A
Explanation:

5. Right Answer: B
Explanation:
